/os/ - Online Security

News, techniques and methods for computer network security.

Boards | Catalog | Bottom

Check to confirm you're not a robot
Name
Email
Subject
Comment
Password
Drawing x size canvas
File(s)

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096


Welcome to Online Security the place for internet and computer security, privacy and anonymity.
If you have some helpful tips please feel free to share your ideas. Start a new thread, or contribute to an existing thread.


Meta Thread Endwall 07/12/2016 (Tue) 12:03:36 [Preview] No. 171 [Reply] [Last 50 Posts]
Post any comments, concerns, or requests for the board in this thread.
Edited last time by Endwall on 07/12/2016 (Tue) 12:15:00.
26 posts and 6 images omitted.


Endwall 02/12/2018 (Mon) 05:16:08 [Preview] No.1114 del
This entire board >>>/os/ is basically the last 30 mins of Star Trek 2: The Wrath of Khan, with Endwall in the staring roll as Khan, and Admiral Michael Rodgers in the Staring role as Captain James T. Kirk.

Endwall: "I spit my dying last spit at thee Rogers!!"
Admiral Michael Rogers: "ENDWAAAAAAAAALLLLLLLLLLLL!!!!!!!!!!!!!!!!!!!"


Anonymous 02/13/2018 (Tue) 21:59:58 [Preview] No.1118 del
>>1108
There we go.


Endwall 02/18/2018 (Sun) 05:49:07 [Preview] No.1136 del
>>1114

How I thought my computer privacy and security and anonymity was doing:
https://youtube.com/watch?v=e7X01_j_oDA [Embed]

How my computer security privacy and anonymity actually is:
https://youtube.com/watch?v=iPQfwmfRq2s [Embed]
https://youtube.com/watch?v=xrUEjpHbUMM [Embed]
Edited last time by Endwall on 02/18/2018 (Sun) 06:46:54.


>banner Anonymous 10/07/2018 (Sun) 17:27:20 [Preview] No.1326 del
I see this banner as: oops, your penis has been encrypted!


Endwall 12/01/2018 (Sat) 12:18:33 [Preview] No.1347 del
>>1326

Rogers...? Is that you my old friend...?

You should always encrypt your dick when in public...

It is very cold in cyberspace



Welcome to Online Security: Sticky Thread Endwall 07/13/2016 (Wed) 03:11:01 [Preview] No. 181 [Reply] [Last 50 Posts]
Hello and Welcome to /os/, Online Security. This is a board for the discussion of online security, privacy, anonymity, and news from cybersecurity and privacy world.
RULEZ
1.Follow the global rules
2.No Spam
3.No Classified Documents or leaks of Classified Documents or Files (News articles, or commentary about the documents or files is OK)
4.No Child Exploitation Material
5.Images should be safe for work and relevant to the post or thread, commentary can be NSFW
6.No Advertisements of Hacker Services or Solicitations for Hacking Services
Related Boards
tech >>>/tech/ Hacker >>>/h4x0r/ Security Concepts>>>/sec/ EndSoft >>>/endsoft/
Privacy Guides
https://thetinhat.com/index.html
https://archive.is/zq2Ip
http://crypty22ijtotell.onion/handbook/
http://yuxv6qujajqvmypv.onion
http://deepdot35wvmeyd5.onion/security-tutorials/
Software Recommendations

Message too long. Click here to view full text.

Edited last time by Endwall on 11/20/2018 (Tue) 04:09:31.


Sticky Bump Endwall 10/23/2016 (Sun) 18:54:40 [Preview] No. 624 del
TOP BUMP
Additions:
TENS , https://spi.dod.mil/lipose.htm , US Air Force Live CD <-- online banking for mom and dad.
LibertyBSD http://libertybsd.net/ , https://libreboot.org/docs/bsd/openbsd.html
Edited last time by Endwall on 01/02/2017 (Mon) 11:03:40.


Sticky Bump Endwall 04/30/2017 (Sun) 03:29:12 [Preview] No. 894 del
Heads https://heads.dyne.org/ http://fz474h2o46o2u7xj.onion ; Devuan non-systemd version of Tails (Disclaimer: Website/Project uses occult language with communist signals)
Devuan https://www.devuan.org/ http://devuanzuwu3xoqwp.onion
Systemd Free http://systemd-free.org/
Edited last time by Endwall on 10/07/2017 (Sat) 03:03:59.


Endwall 06/01/2017 (Thu) 08:14:41 [Preview] No. 933 del
Mozilla Firefox Hardened Profile
https://github.com/ghacksuserjs/ghacks-user.js



Endware Endwall 05/03/2016 (Tue) 08:54:28 [Preview] No. 32 [Reply] [Last 50 Posts]
Endware is a suite of programs geared towards internet privacy, security, and anonymity.

Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.

Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incomming IPs.

Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.

Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in adminstering endsets/endlists.

iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has simmilar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.

spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.

alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.

mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.

Message too long. Click here to view full text.

225 posts and 3 images omitted.


Endwall 11/10/2018 (Sat) 04:51:11 [Preview] No.1336 del
Endware is on hiatus until December 22. I have too much school work. I'm literally busy everyday with some assignment or lab report, or studying for a quiz or test, or trying to catch up. I'll do some fixing up and cleaning up and updating over Christmas.


Anonymous 11/12/2018 (Mon) 12:39:21 [Preview] No.1337 del
>>1336
Good luck on your tests & assessment

>>1337
Epic


Endwall 11/19/2018 (Mon) 18:35:19 [Preview] No.1341 del
I've updated the hidden services to v3, here is the new link.

Endware Hidden Service

http://4zrrnwrjkedzhvh7z5lxph45tmmfzxvnha6435sgrefrfwyn6kav55qd.onion

All that is required is to add this line to your torrc below the line stating where the hidden service directory is

HiddenServiceVersion 3

and restart tor.

I can update the Secure Computing Practices Links page to v3 if requested. I haven't heard anything about that project in a while.


Endwall 11/20/2018 (Tue) 04:01:23 [Preview] No.1342 del
Secure Computing Practices Links
http://bvmo2axfy6aetmsddfe6x2wszjkbcechfoajuguxcrkvhssfm6tr2fad.onion/

I updated it to v3 as well, sorry if that breaks your links. Just re-post them.


Anonymous 12/15/2018 (Sat) 15:27:13 [Preview] No.1351 del
This is a pretty impressive body of work!



Online Security News Endwall 07/07/2016 (Thu) 06:09:23 [Preview] No. 149 [Reply] [Last 50 Posts]
See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.
Edited last time by Endwall on 07/07/2016 (Thu) 16:22:47.
517 posts and 3 images omitted.


Anonymous 11/17/2018 (Sat) 07:10:01 [Preview] No.1340 del
>>1339

https://archive.fo/20M7z

We'll see where this goes. If you use protonmail, encrypt your messages with your own pgp key. Don't rely on any third party to keep your messages safe.
This just puts proton mail into gmail territory. If you want real email security follow the general steps posted here:

>>992
>>1211

Even if you use gpg and the attacker has access to the encrypted cypher text, frequency analysis can be used to perform probabilistic decryption, and then check words against a dictionary to confirm the decryption (completely automated). So add alot of noise to lower the signal to noise ratio if your cypher text is stored remotely by a third party. I'm removing protonmail from the recommended carriers if this attack is confirmed with evidence.


Endwall 11/21/2018 (Wed) 04:48:33 [Preview] No.1343 del
Hak5
20 Minute ATM Hacks, Google Fi Adds A VPN! - ThreatWire
https://youtube.com/watch?v=StTkFzCLqbM [Embed]

Published on Nov 20, 2018
Millions of SMS Messages were exposed in a leak, a New Always-On VPN from Google Fi is now available, and hacking an ATM in 20 minutes or less? Totally possible!


Endwall 11/22/2018 (Thu) 01:58:39 [Preview] No.1344 del
>>1340

Follow up, copied from 8chan, copied from 4chan.

https://paste.tbee-clan.de/JLwHh

Deadline is Friday 23rd November. We'll see what happens. Either way, use pgp / gpg when you send emails of a sensitive nature, never trust a third party with your message security / integrity. Do not communicate in plain text if the content of your messages is sensitive.


Endwall 12/01/2018 (Sat) 07:07:54 [Preview] No.1346 del
Hak5
USPS Exposes 60 Million; Amazon Ignores Infosec Incident Questions - ThreatWire 8:29
https://youtube.com/watch?v=KZ7XYr_VKm0 [Embed]

Amazon quietly discloses a security incident, USPS finally fixes a vulnerability they knew about a year ago, and rowhammer is back with a vengeance !


Endwall 12/09/2018 (Sun) 01:29:17 [Preview] No.1349 del
Hak5
Marriott’s Starwood Database Stolen - 500 Million Guests Exposed - ThreatWire 10:25
https://youtube.com/watch?v=fbP5LrQLEyc [Embed]
Dunkin Donuts Got Hacked?! Not Necessarily, 500M Customers are Affected in a Huge Breach, and Thousands of Routers are infected with an NSA exploit! All that coming up now on ThreatWire.



Youtube Replacements Endwall 06/11/2016 (Sat) 08:29:50 [Preview] No. 78 [Reply] [Last 50 Posts]
Google engages in sophisticated datamining of your video viewership. Youtube is also a prism service provider.

List any substitutes for youtube for use with youtube-dl or endtube below:
29 posts omitted.


Endwall 08/03/2016 (Wed) 10:41:53 [Preview] No. 247 del


Endwall 10/29/2016 (Sat) 16:29:00 [Preview] No. 633 del


Anonymous 05/24/2017 (Wed) 03:06:35 [Preview] No. 927 del


Endwall 12/09/2018 (Sun) 00:38:34 [Preview] No.1348 del



OPSEC Endwall 08/23/2016 (Tue) 01:08:39 [Preview] No. 357 [Reply] [Last 50 Posts]
Discuss best practices for operational security.
17 posts omitted.


Anonymous 09/04/2018 (Tue) 22:26:56 [Preview] No.1306 del
>>1248
>Use an OS like TAILS or Whonix to spoof your MAC address
Any BSD/Linux machine can do this with GNU macchanger [1].
I don't know how Tails or Whonix does Mac spoofing but I'd imagine they use the same thing.

1: https://directory.fsf.org/wiki/Macchanger (note: hasn't been updated in 4 years)


Anonymous 09/28/2018 (Fri) 07:34:00 [Preview] No.1323 del
Currently using Icecat 60.2.0 ESR. It comes with by far the best addon I've ever used on any web browser called Searxes' Third-party Request Blocker. I just use that instead of NoScript. Icecat as a web browser has a couple of issues, one of them being the same issue that the Tor browser has. I only install uBlock Origin, CanvasBlocker (enable expert mode to see what I mean), and Greasemonkey. I don't even use a user.js file because I generally trust Icecat. I cannot emphasize enough on how good the addon is. This is still not fully available for most distros but it is available for some.


passwords/passphrases Endwall 10/18/2018 (Thu) 22:50:06 [Preview] No.1328 del
Cross-posting copy-pasta from >>>/b/19022

"I've covered this in an old OPSEC thread and I think I'll report this password tip copypasta because it is a very good security tip (the two anons were originally from 8chan/n/):
PASSWORD SECURITY TIPS
Anon #1 posts following: Now As far as passwords go, here is how I do it: I'll give you an example by posting a supposed password: donotletthefedsseethisaccount887756

As you can tell, this passowrd has 35 characters total. This is A LOT of characters but also easy to memorize too, for example, its easy to remember the phrase; "do not let the feds see this account" ; and added to that phrase is a code (which you can also memorize easily) 887756. Once you come up with a phrase you can memorize it, then attach a code number you can easily remember right after it. This will make your password very difficult for hackers or spies to brute force using 'dictionary attacks' by adding random entropy at the end of the phrase (via the random code). This 'password' would be unbelievably hard to crack if it were not a fake and had I not posted it. Use your tinfoil hats, paranoia can be your best friend.

Anon #2 responds to Anon #1: It is better not to do letter/number type strings camel casing and special characters as well. Pass phrases are easier to remember but mixing it up makes it exponentially harder to brute. Though your example is secure enough a minor change can make a large difference in your password scheme. Also a lot of programs cut you off at 16 (or even fewer) characters so casing/ascii helps.

Ex: donotletthefedsseethisaccount887756 would average 10^66 tries. Just moving the numbers and adding casing/one special character you get: Do8Not8Let7The7Feds5See6This@ccount which bumps it up to 10^84 and is just as easy to remember."


Endwall 10/20/2018 (Sat) 04:58:20 [Preview] No.1329 del
>>1328

While I think this is good, for memorization, I use 25-40 character random ascii passwords using /dev/urandom or
passgen.sh. I write these down in a notebook that I keep in a small safe in my computer room/ study. I
also add random characters inserted into the computer generated password. Some of these passwords are memorized
and not written down anywhere. For example the codes I use for user login and for cryptsetup and gpg are
memorized, while the codes for github, protonmail, and other online services are written down in a notebook that I keep in a safe. I use different passwords for every distinct online service.

Ultimately I would want a system as follows: 2 factor authentication, Factor 1 would be a 20-30 character
memorized passphrase number combination as mentioned above in >>1328 or using random memorized ASCII like I currently do. Factor 2 would be a 3.5" floppy disk with 1.44MB of random ASCII characters generated using OpenBSD on a Sun Sparc or DEC Alpha air-gap computer, with read only permissions and a hash, and the write protect toggle on. You would boot
your computer using both the disk key with the non-guessable ,random passphrase and with the memorized code.
You would keep the key in a safe in your study when not in use or on your person 24/7. Preferably you would
need both keys to open the encrypted computer. The memorized passphrase would allow you to boot to the point
where you need another key to decrypt the entire volume. This second stage uses a non dictionary, anti-brute
force password consisting of 1.44MB of random ASCII, that can't be guessed or memorized, stored on a floppy disk
for rapid destruction by neodymium magnet, mechanical shredding, and burning with a lighter. Once the volume is unlocked the computer should instruct you to remove the disk from the drive and stow it away, so that the OS never gets to or has the chance to read the contents of the disk once authenticated.

Message too long. Click here to view full text.



Anonymous 11/27/2018 (Tue) 22:41:04 [Preview] No.1345 del
>>1323
Have you used uMatrix before?
Very similar idea to this 3P blocker except you can specify what type of content you want blocked. I.e. XHR, JavaScript, iframes, CSS, fonts, etc.
I swear by it. It's very useful, the interface takes a little to get used to but once you do you can work very efficiently with it.



Discussion Thread Endwall 02/24/2018 (Sat) 01:52:08 [Preview] No. 1145 [Reply] [Last 50 Posts]
DISCUSSION THREAD
Want to say something off topic about anything?

Have a hot tip about something in the computer security world that doesn't fit into any current thread or category?

Want to chat with your fellow invisible 7 proxy friends?

Want to tell Lt. Gen Michael Hayden, GEN Keith Alexander, ADM Michael Rogers, GOOGLE, AMAZON, FACEBOOK and Microsoft etc. how you feel?

It's open mic at >>>/os/ , anything goes!!

Put all of your banter here:
45 posts and 1 image omitted.


Endwall 09/23/2018 (Sun) 21:01:45 [Preview] No.1313 del
>>1290
>>1291
>>1292
Telephone Network Interface Device Box
https://youtube.com/watch?v=2DtwQpQ0dz8 [Embed]
https://youtube.com/watch?v=awAQahRYjnQ [Embed]


Endwall 09/23/2018 (Sun) 21:15:12 [Preview] No.1314 del
>>1313
Park in a white Van, with battery powered rig, and a 100ft extension cord for the telephone, at 3am. Open it up, connect, post disconnect, lock it, drive away.


Anonymous 09/26/2018 (Wed) 13:16:47 [Preview] No.1321 del
Login, Endwall guy.


Endwall 09/27/2018 (Thu) 04:11:20 [Preview] No.1322 del
>>1321

I added code tags to >>>/endsoft/

They weren't enabled for some reason. I'm logged in right now, I'll be getting down to homework in a bit, so I'll be off soon. Thanks.


Endwall 11/04/2018 (Sun) 06:14:40 [Preview] No.1332 del
Queen
The Invisible Man

Queen - The Invisible Man (Official Video)
https://youtube.com/watch?v=zKdxd718WXg [Embed]

Queen - The Invisible Man (Rare Alternative Version)
https://youtube.com/watch?v=GItyEOAiZ2A [Embed]

Queen- The Invisible Man (HQ)
https://youtube.com/watch?v=PLBRQgksQNU [Embed]
Edited last time by Endwall on 11/06/2018 (Tue) 03:58:05.



System Resources Endwall 07/05/2017 (Wed) 03:13:35 [Preview] No. 965 [Reply] [Last 50 Posts]
I have some observations to make.

## I just tested these systems:
MS DOS 6.22 runs in 384K of memory (1994)
MS Windows 3.11 runs in 2MB of memory with a full mouse driven GUI (1994)
Macintosh OS 7.53 runs in 7.4MB of memory , full GUI + TCP/IP (1996)
Macintosh OS 8.1 runs in 13.2MB of memory, (1997)
Macintosh OS 8.6 runs in 26MB of meomory, (1998)

OpenBSD 6.1 starts in text mode command line in 27MB of memory
OpenBSD 6.1 in Xenocara uses 65-80MB of memory to start up.

## from recollection:
Windows 7 800MB of memory (2009)

Parabola GNU/Linux starts in text mode cli using 150MB of memory
Parabola GNU/Linux in weston uses 300MB of memory

Message too long. Click here to view full text.

Edited last time by Endwall on 07/05/2017 (Wed) 03:17:31.
10 posts and 3 images omitted.


Endwall 09/19/2017 (Tue) 07:06:02 [Preview] No. 1032 del
>>1008
The machine I used is a SunBlade 150 UltraSparc IIi 550MHz computer from 2003.


Anonymous 09/27/2017 (Wed) 21:38:23 [Preview] No.1038 del
I don't want to sound cliché but I suspect great part of the RAM in parabola is thanks to systemd.

Don't give up on GNU/Linux, there are some distros that take it to extremes to cut the packages to minimum. Source Mage in particular has the philosophy of only including what you want, nothing more, and the sources are clean and untouched. I don't have access to my installation but as soon as I get it I will post results, meanwhile look at how some guy went to have a graphical environment with 97MB.


Endwall 07/12/2018 (Thu) 08:34:29 [Preview] No.1247 del
Fresh install of Parabola/GNU/Linux-Libre/OpenRC

On an Intel core2 laptop

boot into cli from OpenRC

$ free -h

used 60 MB

start xorg as root

# startx

# free -h

used 75 MB

Message too long. Click here to view full text.



Endwall 08/20/2018 (Mon) 23:04:48 [Preview] No.1274 del
Alpine Linux on OpenRC
Fresh install on encrypted lvm with the services it said to start in the wiki guide. In command line on busybox.
$ free -m
120MB.

I couldn't get X org to start, but it would probably add another 20MB on top of that.


Endwall 08/20/2018 (Mon) 23:11:21 [Preview] No.1275 del
Hyperbola with linux-libre-lts on OpenRC is similar to parabola. Boots into user account in command line in at around 100MB xorg adds another 20MB ontop to around 120MB. Booting into a user shell seems to be more memory expensive than starting as root.

I want to boot to command line in no more than 20MB with a GUI that brings me up to no more than 40-50MB of memory usage. Any more than that and there is too much going on.



VPN/proxy/TOR general thread Anonymous 04/15/2016 (Fri) 22:12:39 [Preview] No. 2 [Reply] [Last 50 Posts]
Cool board idea.

What's the safest possible way to browse the internet anonymously and safely? There's a thread on /tech/ with the endwall developer talking about proxychains, and that seems pretty cool. Some of the links to proxy lists seem dead, and I have found some online but why should I trust these random 'free' proxies?

What about proxychains over VPN? I'm currently using Mullvad which is alright, and I'm curious about more security if need be. Does a VPN -> proxychain -> TOR connection work? Sounds horribly slow in theory, but I think we all know that privacy comes at a cost in our current world.

I suppose I could call this a 'VPN/proxy/TOR general thread.'
57 posts and 5 images omitted.


Endwall 08/13/2018 (Mon) 06:23:09 [Preview] No.1262 del
Tor Proxy on Local Area Network (LAN)

What ?
Setup multiple computers on a LAN to route through a tor proxy for specific applications (Links2, , etc)

Why ?
-To allow novice Linux users (mom,dad,etc), to use Tor on applications that allow socks proxy settings like links2, without needing to know how to start Tor in the command line or setting a tor daemon.
- (My reason) To allow another computer to handle Tor with a base install and to close all ports except for 9050 (or a randomly chosen port) outbound on a select computer that you use for Tor browsing and other Tor applications (endcurl, endget, endtube, oldtube, torsocks) etc.

-If you have an implant or a beacon with key logging it will usually broadcast out on port 53 or port 80, close everything (using endwall.sh and comment all ports out except local host for the ports you need and the random outbound port you will use for Tor) and set Tor outbound to a random port (not 9050 say 34591) and set your Tor proxy server to accept inbound for this random port. This will basically squash outbound beacons.

How ?
You will need two computers to test this. On the Tor proxy server,find out the LAN router assigned internal ip address using
$ ip link

( for example say its 192.168.5.153) and add these lines to /usr/local/etc/tor/torrc

Message too long. Click here to view full text.

Edited last time by Endwall on 08/13/2018 (Mon) 21:43:35.


Endwall 08/13/2018 (Mon) 22:04:00 [Preview] No.1270 del
The idea here is to have a minimal install no GUI just a few packages on the Tor proxy server, and use it as a proxy into Tor. On your client computer you will have a full GUI, and probably have installed several packages, some, which unknown to you, will have malware. This malware can be as simple as keylogging with an output beacon going out through port 53 or port 80. It will take you months of scanning your logs to even clue in to what's happening, in the mean time all of your Tor postings are correlated back to you by running the messages against a giant database of clear text key strokes.

So you close all of the ports including port 53 and port 80 to general output, you may mac address bind port 53 to a dns server (same computer as the proxy server) using the same method described with endwall.sh, as well as setup squid to mac address bind port 3128 to the squid proxy for 80,443 and close regular port 443 and port 80 output by commenting out those sections in outbound. That way general output on port 53,80,443 etc is suppressed (dropped), so that the malware beacons can't talk out.


Endwall 08/13/2018 (Mon) 22:10:33 [Preview] No.1271 del
I have a computer with parabola openrc with only a single port open to send socks5 proxy to the Tor proxy server. That's as good as it gets for me for now. My main desktop is MAC address bound to DNS servers (2 computers) and MAC address bound to the Tor Proxy, and Squid Proxy. I leave some ports open so that I can watch TV with endtv and endstream, which don't work behind squid. So I leave port 80,443,1935 open to general output on my desktop so that I can watch TV still. But you can modify some of the streams to lowest quality (low bandwidth streams) and run them behind Tor, reasonably well if you want to close port 80 and 443 for good. Oh but yeah you have to run it with 3 hops for a good transfer rate, still better than a VPN i guess. So you need to compile and link two versions of Tor, tor_stable with 6 hops and mods, and tor_stock with just the stock configuration with 3 hops. I use tor_stock when I use mpv to get around georestrictions, but you can use it for everything if you lower the bit rate on the streams.

Doing similar port restricting and mac address binding proxy schemes using OpenBSD or Gentoo Linux would be the next step. The final step will be to use dumb 8-bit machines to proxy into the Tor Proxy once someone designs it and produces the software.



Internet Security General Anonymous 04/16/2016 (Sat) 07:56:30 [Preview] No. 4 [Reply] [Last 50 Posts]
Continuing from >>>/tech/597
https://archive.is/INR3l
This is for non specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security concious that you don't want to make a new thread for.
88 posts and 7 images omitted.


ZyBxVLcAxIx Grace 06/09/2018 (Sat) 09:30:28 [Preview] No.1229 del
David Beckham has admitted that a big part of him has questioned whether he was right to retire from professional football but that he has been too busy over the past four months to dwell on the decision.

Hey that's great news. He's still in pretty good shape. He'll be signed in no time. Hope he gets a good contract!
No Spam 6 Month Ban
Edited last time by Endwall on 06/11/2018 (Mon) 07:00:31.


Anonymous 07/05/2018 (Thu) 23:59:13 [Preview] No.1241 del
Check out the bleeding edge tor source code!!

The 6-hop mod BREAKS THE COMPILING


torsocks git clone http://dccbbv6cooddgcrq.onion/tor.git


Anonymous 07/06/2018 (Fri) 01:26:42 [Preview] No.1242 del
>>1241
You can still do the 6 hop mod but in src/core/or/circuituse.c after you change default_path_len to 7 delete the line under it that says
else if fourhop_cutoff

also in src/core/or/or.h you can still change default_route_len to 6 but there is no option to modify max_recent_circuits from 1000 to 100


Endwall 07/06/2018 (Fri) 03:46:26 [Preview] No.1243 del
It compiled for me and linked in

src/app/tor

I haven't fully tested it yet though.

But you're correct the options have all been removed from or.h . Also much of the code has been moved around and segregated into different sub directories.

Keep an eye on this. Also if you have any other good Tor mods please feel free to share.


Endwall 07/06/2018 (Fri) 04:03:41 [Preview] No.1244 del
circuitstats.h: * 1000 is approx 2.5 days worth of continual-use circuits. */
circuitstats.h:#define CBT_NCIRCUITS_TO_OBSERVE 1000
circuitstats.h:#define CBT_MAX_RECENT_CIRCUITS 1000
circuitstats.h:#define CBT_MAX_MAX_RECENT_TIMEOUT_COUNT 10000
circuitstats.h:#define CBT_MAX_MIN_CIRCUITS_TO_OBSERVE 10000
circuitstats.h:#define CBT_DEFAULT_TIMEOUT_INITIAL_VALUE (60*1000)

this seems to have been moved into src/cor/or/circuitstats.h

use grep to search for other missing / moved variables. Thanks for the tip >>1241 , >>1242 .